General

  • Target

    b42a7d85d7353d56a810e4de437ba65e108d38e8098a408fd491ec96576a362d

  • Size

    2.0MB

  • Sample

    241005-cm6v5azbnj

  • MD5

    6934d931450f98f4ed12f881040a313b

  • SHA1

    efbf96a7484b17c37adbae865e3e81e9a1634dd7

  • SHA256

    b42a7d85d7353d56a810e4de437ba65e108d38e8098a408fd491ec96576a362d

  • SHA512

    72fbf2f66eb63f4c2e1fbb79fe9869682de06d2d347db78aaa90668940329032d4baa9570c4987fc6f0dac8c4b9e1b10b43468ae7f7fdf002515c86ae2a5f270

  • SSDEEP

    49152:6inmpGptWc5epmDBBgKNSjg1N0hd20x0LgwjLX/nvYX0mj:6inDHF2Kkjg1Whd2jzjLvvYD

Malware Config

Extracted

  • Family

    gcleaner

  • C2

    45.139.105.171
    85.31.46.167
    107.182.129.235
    171.22.30.106

Targets

    • GCleaner

      GCleaner is a Pay-Per-Install malware loader first discovered in early 2019.

    • Executes dropped EXE

    • Loads dropped DLL

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

MITRE ATT&CK Enterprise v15
